Lucene search
UbuntuUSN-1438-1HistoryMay 03, 2012 - 12:00 a.m.
Nova vulnerability
2012-05-0300:00:00
ubuntu.com
30
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
AI Score
6.1
Confidence
Low
EPSS
0.013
Percentile
85.9%
Releases
- Ubuntu 12.04
- Ubuntu 11.10
Packages
- nova - OpenStack Compute cloud infrastructure
Details
Dan Prince discovered that Nova did not enforce quotas for security groups
and rules added to security groups. An authenticated user could exploit
this to cause a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.04 | noarch | python-nova | < 2012.1-0ubuntu2.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | nova-ajax-console-proxy | < 2012.1-0ubuntu2.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | nova-api | < 2012.1-0ubuntu2.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | nova-api-ec2 | < 2012.1-0ubuntu2.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | nova-api-metadata | < 2012.1-0ubuntu2.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | nova-api-os-compute | < 2012.1-0ubuntu2.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | nova-api-os-volume | < 2012.1-0ubuntu2.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | nova-cert | < 2012.1-0ubuntu2.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | nova-common | < 2012.1-0ubuntu2.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | nova-compute | < 2012.1-0ubuntu2.1 | UNKNOWN |
References
Related
ubuntucve
ubuntucve
CVE-2012-2101
2012-04-19 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: openstack-nova-2012.1-2.fc17
2012-05-02 04:46:08
[SECURITY] Fedora 16 Update: openstack-nova-2011.3.1-8.fc16
2012-05-01 00:48:42
[SECURITY] Fedora 16 Update: openstack-nova-2011.3.1-10.fc16
2012-06-22 18:55:04
nvd
nvd
CVE-2012-2101
2012-06-07 19:55:08
openvas
openvas
Ubuntu Update for nova USN-1438-1
2012-05-04 00:00:00
Fedora Update for openstack-nova FEDORA-2012-6273
2012-08-30 00:00:00
Fedora Update for openstack-nova FEDORA-2012-6273
2012-08-30 00:00:00
cvelist
cvelist
CVE-2012-2101
2012-06-07 19:00:00
github
github
nessus
nessus
Ubuntu 11.10 / 12.04 LTS : nova vulnerability (USN-1438-1)
2012-05-04 00:00:00
Fedora 17 : openstack-nova-2012.1-2.fc17 (2012-6273)
2012-05-02 00:00:00
Fedora 16 : openstack-nova-2011.3.1-8.fc16 (2012-6365)
2012-05-01 00:00:00
debiancve
debiancve
CVE-2012-2101
2012-06-07 19:55:08
prion
prion
Hardcoded credentials
2012-06-07 19:55:00
securityvulns
securityvulns
[USN-1438-1] Nova vulnerability
2012-05-14 00:00:00
Nova DoS
2012-05-14 00:00:00
cve
cve
CVE-2012-2101
2012-06-07 19:55:08
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
AI Score
6.1
Confidence
Low
EPSS
0.013
Percentile
85.9%
Related for USN-1438-1